Sisense API Rules

rules:
  sisense-bearer-auth:
    description: All Sisense API operations (except login) must use Bearer token authentication
    message: "Operation is missing Bearer token security requirement"
    severity: warn
    given: "$.paths[?([email protected](/login/))].*.security"
    then:
      function: truthy

  sisense-title-case-summaries:
    description: All operation summaries must use Title Case
    message: "Summary '{{value}}' should use Title Case"
    severity: warn
    given: "$.paths.*.*.summary"
    then:
      function: pattern
      functionOptions:
        match: "^[A-Z]"

  sisense-camel-case-operation-ids:
    description: All operationId values must use camelCase
    message: "operationId '{{value}}' should use camelCase"
    severity: error
    given: "$.paths.*.*.operationId"
    then:
      function: pattern
      functionOptions:
        match: "^[a-z][a-zA-Z0-9]+$"

  sisense-tags-required:
    description: All operations must have at least one tag
    message: "Operation is missing tags"
    severity: warn
    given: "$.paths.*.*"
    then:
      field: tags
      function: truthy

  sisense-servers-defined:
    description: API must define servers with host variable
    message: "API is missing server definitions"
    severity: error
    given: "$"
    then:
      field: servers
      function: truthy

  sisense-pagination-params:
    description: Collection GET operations should support limit and skip pagination
    message: "GET collection endpoint should support limit and skip parameters"
    severity: info
    given: "$.paths[?([email protected](/{.*}/))].get.parameters[*].name"
    then:
      function: pattern
      functionOptions:
        match: "^(limit|skip|fields|sort|expand)$"

  sisense-contact-info:
    description: API info must include contact information
    message: "API info is missing contact details"
    severity: warn
    given: "$.info"
    then:
      field: contact
      function: truthy